Data Protection Officer

Hey you \uD83D\uDC4B Want to work for one of the fastest growing SaaS companies in the world? \uD83D\uDCC8

We’re building the next generation of learning software that companies like AWS, Netflix, Opentable and L’Oreal rely on to deliver training \uD83D\uDCBB We believe learning is for everyone, and that we all have something we can learn from each other. We rely on one another to continuously innovate our products and processes to create an exceptional experience for our employees, customers and partners.

Still not sure? We are a culture where values are at the center of everything we do. We also embody what we call the
**Docebo Heart**. We trust our teammates, assume the best of one another, and also hold space for all the differences that make us better. \uD83D\uDC99

Are you ready to be a part of the learning revolution? \uD83D\uDE80

**About This Opportunity**:
Docebo is looking for a technically savvy Data Protection Officer (DPO) with strong legal knowledge. The role is responsible for enhancing and maintaining the privacy and data protection framework within Docebo with a heavy focus on pragmatic business counselling on data usage and compliance issues. The DPO will establish, implement and manage processes that ensure purposeful, robust, and proactive compliance with regulatory requirements. The DPO will provide advice and act as a key stakeholder in relation to most of the data protection and privacy-related activities.

**Role and Responsibilities**:

- Lead the design, implementation, and maintenance of Docebo’s global privacy program.
- Provide and maintain policy governance around Data Protection.
- Work closely with Information Security, Legal and Product on complex issues as they emerge in developing new services and technologies and marketing-related privacy issues such as consent requirements and cookie compliance.
- Ensure the Docebo Register of Processing Activities is up to date by providing support and guidance to internal teams to help them maintain it, using privacy governance tools.
- Champion the integration of Privacy Principles across the organization, including internal/external audits, awareness-raising activities, and staff training in processing operations.
- Support the ongoing review and update of the DPMS structure, including associated processes, standards, procedures, and Privacy Shield.
- Provide advice where a DPIA has been carried out and monitor its performance, including advising and assisting Docebo business function with the carrying out of DPIAs, advising Privacy Counsel on when a DPIA is required under regulations, assisting such functions with procedural and substantive aspects of DPIAs, and undertaking any prior consultations with Privacy Counsel or supervisory authorities that may deem required.
- Create and maintain a Data Retention Policy with Privacy Counsel and guide internal functions to make it effective.
- Participate in information security incident planning, investigation, and response to ensure compliance with all relevant laws, regulations, and contractual requirements.
- Understand and stay current on applicable laws, regulations, and industry standards related to privacy and data protection.
- Advise Security, HR, business, and engineering teams regarding privacy by design and data governance.
- Analyze and help operationalize new privacy laws and standards.

**Qualifications**:

- Experience as in-house experience as a privacy lawyer/privacy counsel.
- Experience as a Data Protection Officer (DPO)
- Experience supporting Software as a Service (SaaS), mobile privacy, analytics, and AI is a strong plus.
- Demonstrable experience with privacy governance/compliance tools (OneTrust, DPOrganiser, TrustArc) and associated reporting.
- Experience handling investigations, including communication with authorities and external parties, will be considered a plus.
- Strong passion and knowledge of cloud computing and product development.
- Keen to deeply understand the functions of Docebo’s business direction, data assets, and information flows.
- Excel in a collaborative team approach in advancing projects in a multi-stakeholder environment.
- Possess a deep knowledge of applicable data privacy regulations and standards (e.g., CCPA, GDPR, PIPEDA, PIPL, Cookie Directive, HIPAA, etc.).
- IAPP privacy certification (CIPP/E or CIPT) required.
- A team player with a sense of humour, self-awareness, innate curiosity, desire, and ability to learn rapidly.
- Keen understanding of the changing landscape of international privacy laws, regulations, and guidance.
- Strong verbal and written communication skills.
- A strong sense of initiative and drive to improve.

**Benefits & Perks** \uD83D\uDE0D
- Inclusive and flexible work environment
- Generous Vacation Policy, plus 2 extra floating holidays to use for religious or cultural events that matter to you
- Employee Share Purchase Plan
- Career progression/internal mobility opportunities
- Four employee res